Keeping secrets secure on Kubernetes is crucial for every organization. However, it’s easier said than done.
Last week I published a blog, “How to spot gaps in your Public Cloud Kubernetes Security Posture”, with the aim of providing a very high-level view of where security matters in public cloud Kubernetes. Originally I intended to provide information for people new to Kubernetes, and a few people have asked for some context to...
Breaking down the core areas that you should be aware of when considering security around public cloud Kubernetes. The Control Plane: API Server. The API server provides the entry point specifically for the management of a Kubernetes cluster. The API server endpoint is secured through public cloud IAM and also Kubernetes RBAC – however, it...
Security breaches are what nightmares are made of. You probably have your own ‘nightmares’ that come to mind. Tesla was hacked because their Kubernetes administrative console was not password protected. In another incident, Capital One left their AWS firewall definitions too lax and 30GB of credit application data (affecting 106 million customers) was exposed. Aside...
Kubernetes offers a variety of security controls, but using a default configuration exposes a wide attack surface and leaves you open and vulnerable to potential risks. In 2020, nearly 7 out of 10 companies reported a detected misconfiguration in their Kubernetes environment, making it by far the most common type of vulnerability. 2020 State of...
When you first embark on cloud, it often begins with a credit card transaction, a shadow IT department or as a proof-of-value with a given project before a more strategic commercial agreement. Getting clarity on the details of what the cloud provider is responsible for and what you, as a customer, are responsible for can...
In just the first half of 2020, data breaches exposed 36 billion records. And, as the web continues on the trend of explosive growth, there are constantly new security challenges on the horizon. With vulnerabilities around every corner, effective and comprehensive security policies are more important than ever. The cycle of manually creating and maintaining...
The retail sector's rush to cloud increased significantly in 2020/2021 due to COVID, and with it came an increasing number of cyberattack attempts against retailers. Being aggregators of large amounts of personally identifiable information (PII) and credit card data, online retailers are an easy target for cyber criminals. Data breaches exposed...
In March 2021 a few of Appvia’s senior engineers were invited to take part in Microsoft’s three-day One Commercial Partner (OCP) Hackathon, working directly alongside Microsoft engineers to ideate and work through a potential approach to implementing least privilege on Microsoft Azure. The Principle of Least Privilege (sometimes referred to as just ‘Least Privilege’ or...